BLINDINGCAN
Essential information
- Confidence
- 100/100
- Is family
- Yes
- Published
- 27/10/2020 19:45
- Modified
- 27/03/2026 01:02
- Revoked
- No
- Author / Source
- The MITRE Corporation
- Related entities
- 53 attack patterns (mitre), 2 intrusion sets (apt), 8 sectors, 6 countries, 45 indicators, 1 vulnerabilities (cve), 1 reports
Description
Marking (TLP)
TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (53)
Intrusion sets (APT) (2)
-
The MITRE Corporation Confidence 100
[Lazarus Group](https://attack.mitre.org/groups/G0032) is a North Korean state-sponsored cyber threat group attributed to the Reconnaissance General Bureau (RGB). (Citation: US-CERT HIDDEN COBRA June 2017) (Citation: Treasury North Korean Cyber…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Lazarus usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (8)
-
Defense targets
-
Road transport targets
-
Universities targets
-
Government targets
-
Media targets
-
Air transport targets
-
Political parties targets
-
Technology targets
Countries (6)
-
Taiwan targets
-
Belgium targets
-
Hong Kong targets
-
Cyprus targets
-
United States of America targets
-
Netherlands targets
Indicators (45)
-
stix 100/100 Revoked
Win64:Evo-gen\ [Susp] SHA256 of ca6658852480c70118feba12eb1be880 SHA256 of ca6658852480c70118feba12eb1be880
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
LZMA SHA256 of d1c652b4192857cb08907f0ba1790976
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
LZMA SHA256 of 78d42cedb0c012c62ef5be620c200d43 SHA256 of 78d42cedb0c012c62ef5be620c200d43
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
TELPER:Trojan:Win32/ShortWick.B!dha SHA256 of 706e55af384e1d8483d2748107cbd57c
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
Other:Malware-gen\ [Trj] SHA256 of 9121f1c13955506e33894ffd780940cd
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
Win64:Trojan-gen SHA256 of 1bd0ca304cdecfa3bd4342b261285a72
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SHA256 of f4b55da7870e9ecd5f3f565f40490996
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100
Other:Malware-gen\ [Trj] SHA256 of 1f254dd0b85edd7e11339681979e3ad6
· Valid until 01/09/2026 · Source: AlienVault -
stix 100/100 Revoked
Win64:Trojan-gen SHA256 of cd5357d1045948ba62710ad8128ae282
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked
SLF:SCPT:OffRelAttachedTemplateHttp.A SHA256 of 183ad96b931733ad37bb627a958837db
· Valid until 15/07/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 20/11/2022 · Source: AlienVault
-
stix 100/100 Revoked
SHA256 of 0071b20d27a24ae1e474145b8efc9718
· Valid until 15/07/2024 · Source: AlienVault
Vulnerabilities (CVE) (1)
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.
- Published
- 31/03/2022
- Modified
- 29/05/2026
Reports (1)
-
Confidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools